Weebly, a San Francisco-based company that has allowed more than 40 million people create websites with since 2007; will start sending notification letters to all of their customers on Thursday, informing them of a data breach that occurred eight months ago.The breach, affecting 43,430,316 customers, happened February 2016, but the root cause remains unknown. The compromised database is just now coming to the public\u2019s attention after an anonymous source sent it to LeakedSource.Prior to being notified, Weebly was unaware of the breach, but moved quickly once informed. Each compromised record contains usernames, passwords, email addresses, and IP information.\u201cWeebly recently became aware that an unauthorized party obtained email addresses and\/or usernames, IP addresses and encrypted (bcrypt hashed) passwords for a large number of customers. At this point we do not have evidence of any customer website being improperly accessed,\u201d the company said in a statement sent to Salted Hash.\u201cWe do not store any full credit card numbers on Weebly servers, and at this time we\u2019re not aware that any credit card information that can be used for fraudulent charges was part of this incident. We are taking steps to notify our customers - and we are taking swift action to address the situation. Our security team, with support from outside security consultants, is working to protect our customers and to enhance our network protections. This includes initiating password resets, implementing new password requirements and a new dashboard that gives customers an overview of recent log-in history of their Weebly account to track account activity.\u201dWeebly said that more information and additional updates would be given to customers and partners directly.LeakedSource posted details about the breach on their website, confirming that the company used uniquely salted bcrypt hashing to protect their passwords.Such security measures, LeakedSource wrote, prevented the data breach from coming more of a problem than it already was, as those responsible for the breach couldn\u2019t target customer websites.\u201cThis mega breach affects not only tens of millions of users but tens of millions of websites and with Weebly being one of the most popular hosting platforms in the world, this breach could have been far more disastrous in the wrong hands had they not strongly hashed passwords,\u201d the blog said.In addition to disclosing the Weebly breach, LeakedSource also used the blog to rant about their recent suspension from Twitter, for reasons unknown, and to disclose the fact they\u2019re currently working on data from FriendFinder Networks Inc. (See Salted Hash\u2019s coverage on these latest developments.)The post also says that 22 million records from a 2013 data breach at Foursquare, as well as 58 million records from the recent data breach at Modern Business Solutions.